Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
django-anymail project django-anymail vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2018-6596
webhooks/base.py in Anymail (aka django-anymail) prior to 1.2.1 is prone to a timing attack vulnerability on the WEBHOOK_AUTHORIZATION secret, which allows remote malicious users to post arbitrary e-mail tracking events.
Django-anymail Project Django-anymail
Debian Debian Linux 9.0
7.4
CVSSv3
CVE-2018-1000089
Anymail django-anymail version version 0.2 up to and including 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOK_AUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable...
Django-anymail Project Django-anymail
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started